the grugq's newsletter

October 30, 2025

NEW: exec at zero-day supplier pleads guilty to selling to buyer in Russia.

FBI had warned elite supplier Trenchant about a potential leak in 2024...

Appears that Peter Williams was leading the internal investigation & meeting with FBI even as he did deals.

Wild.

He's… https://t.co/F04J2N5EEz pic.twitter.com/3CWa6VJxbh

— John Scott-Railton (@jsrailton) October 29, 2025


We derestricted https://t.co/DvAkrs21i4 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See https://t.co/ovkSmnegNP for a PoC exploit. Also affected other browsers

— Samuel Groß (@5aelo) October 29, 2025


Must be weird being a serious engineer at Anthropic and next to you is Ralph Wiggum doing experiments to see if the matrix multiplication has feelings.

— Sean Heelan (@seanhn) October 29, 2025


This podcast explores the immense challenge of managing millions of digital files retrieved from #ISIS-controlled territories—from battlefield evidence on hard drives and drones to administrative documents detailing the organization’s operations. https://t.co/F8I1VlgEyJ

— switched (@switch_d) October 29, 2025


Just published my #flareon12 challenge 8 write-up
Spent hours playing with Intel Pin (wrong path 😅), then switched to a bottom-up event-based approach using WinDbg TTD, x64dbg, ret-sync & IDA — felt like cracking old game trial licenses again 😄
🔗 https://t.co/5AqdQHaUqc

— ReverseThatApp (@ReverseThatApp) October 29, 2025


Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange who loves converting n-days to 0-days https://t.co/2ev64hf2Ng

— CODE WHITE GmbH (@codewhitesec) October 29, 2025


Great article about how TEEs are providing much less security than folks believe they will. https://t.co/fXpftAXowY

— Matthew Green is on BlueSky (@matthew_d_green) October 29, 2025


"No, I wasn't stealing your IP, I was jerking off" is quite the defense. https://t.co/4ytsMG4uSZ

— Corey Quinn (@QuinnyPig) October 29, 2025


In the recent documents leaked by KittenBusters, we see a part related to #APT35's infrastructure. By logging into several user accounts of this group on the Edis Global website with the leaked passwords, I downloaded the invoices and categorized them here for those who want to… pic.twitter.com/H3G3OSDjrF

— Nariman Gharib (@NarimanGharib) October 29, 2025


In our new article, Maxime Desbrus examines a technique for easily creating a Rust “Two-Face” binary for #Linux:
➡️ in most environments it runs a benign program;
➡️ but on a specific host it launches an entirely different, much more discreet payload.

Read it here 🔗…

— Synacktiv (@Synacktiv) October 29, 2025

